Lucene search
+L

CVE-2024-2936 Sydney Toolbox <= 1.26 - Authenticated (Contributor+) Stored Cross-Site Scripting via _id

🗓️ 29 Mar 2024 05:35:32Reported by WordfenceType 
cvelist
 cvelist
🔗 www.cve.org👁 17 Views

The Sydney Toolbox WordPress plugin (up to v1.26) allows authenticated attackers to execute stored cross-site scripting attacks using the _id attribute of widgets

Related
Affected
Refs
ReporterTitlePublishedViews
Family
Circl
CVE-2024-2936
13 Feb 202517:12
circl
CNNVD
WordPress Plugin Sydney Toolbox 安全漏洞
29 Mar 202400:00
cnnvd
CVE
CVE-2024-2936
29 Mar 202405:35
cve
EUVD
EUVD-2024-27878
3 Oct 202520:07
euvd
NVD
CVE-2024-2936
29 Mar 202406:15
nvd
OSV
CVE-2024-2936
29 Mar 202406:15
osv
Patchstack
WordPress Sydney Toolbox Plugin <= 1.26 is vulnerable to Cross Site Scripting (XSS)
29 Mar 202400:00
patchstack
Positive Technologies
PT-2024-22866 · WordPress · Sydney Toolbox
28 Mar 202400:00
ptsecurity
RedhatCVE
CVE-2024-2936
7 Jan 202609:12
redhatcve
Vulnrichment
CVE-2024-2936 Sydney Toolbox <= 1.26 - Authenticated (Contributor+) Stored Cross-Site Scripting via _id
29 Mar 202405:35
vulnrichment
Rows per page
[
  {
    "vendor": "smub",
    "product": "Sydney Toolbox",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "1.26",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

08 Apr 2026 16:34Current
5.8Medium risk
Vulners AI Score5.8
CVSS 3.16.4
EPSS0.0034
17